openSUSE Security Update : tor (openSUSE-SU-2014:0719-1) (Heartbleed)

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

- tor 0.2.4.22 [bnc#878486] Tor was updated to the
recommended version of the 0.2.4.x series.

- major features in 0.2.4.x :

- improved client resilience

- support better link encryption with forward secrecy

- new NTor circuit handshake

- change relay queue for circuit create requests from
size-based limit to time-based limit

- many bug fixes and minor features

- changes contained in 0.2.4.22: Backports numerous
high-priority fixes. These include blocking all
authority signing keys that may have been affected by
the OpenSSL 'heartbleed' bug, choosing a far more secure
set of TLS ciphersuites by default, closing a couple of
memory leaks that could be used to run a target relay
out of RAM.

- Major features (security)

- Block authority signing keys that were used on
authorities vulnerable to the 'heartbleed' bug in
OpenSSL (CVE-2014-0160).

- Major bugfixes (security, OOM) :

- Fix a memory leak that could occur if a microdescriptor
parse fails during the tokenizing step.

- Major bugfixes (TLS cipher selection) :

- The relay ciphersuite list is now generated
automatically based on uniform criteria, and includes
all OpenSSL ciphersuites with acceptable strength and
forward secrecy.

- Relays now trust themselves to have a better view than
clients of which TLS ciphersuites are better than
others.

- Clients now try to advertise the same list of
ciphersuites as Firefox 28.

- includes changes from 0.2.4.21: Further improves
security against potential adversaries who find breaking
1024-bit crypto doable, and backports several stability
and robustness patches from the 0.2.5 branch.

- Major features (client security) :

- When we choose a path for a 3-hop circuit, make sure it
contains at least one relay that supports the NTor
circuit extension handshake. Otherwise, there is a
chance that we're building a circuit that's worth
attacking by an adversary who finds breaking 1024-bit
crypto doable, and that chance changes the game theory.

- Major bugfixes :

- Do not treat streams that fail with reason
END_STREAM_REASON_INTERNAL as indicating a definite
circuit failure, since it could also indicate an
ENETUNREACH connection error

- includes changes from 0.2.4.20 :

- Do not allow OpenSSL engines to replace the PRNG, even
when HardwareAccel is set.

- Fix assertion failure when AutomapHostsOnResolve yields
an IPv6 address.

- Avoid launching spurious extra circuits when a stream is
pending.

- packaging changes :

- remove init script shadowing systemd unit

- general cleanup

- Add tor-fw-helper for UPnP port forwarding; not used by
default

- fix logrotate on systemd-only setups without init
scripts, work tor-0.2.2.37-logrotate.patch to
tor-0.2.4.x-logrotate.patch

- verify source tarball signature

See also :

http://lists.opensuse.org/opensuse-updates/2014-05/msg00079.html
https://bugzilla.novell.com/show_bug.cgi?id=878486

Solution :

Update the affected tor packages.

Risk factor :

High / CVSS Base Score : 9.4
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 75376 ()

Bugtraq ID:

CVE ID: CVE-2014-0160

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now